Don't know what happened to my previous post (with the same subject). Couldn't see it after posting it.

I had problems with xoopsDB. I though it had to do only with my "delete"-queries but after some testing I found aout that xoopsDB wouldn't do anything if the request to the page was with method "GET" (with parameters as cgi). If I requested the same page from within a form with method "POST" it worked.
Why does it behave like that? Is it a security thing? I haven't read all documentation I must admit...

Thanks!

/stiffo

It is a security thing.

If the method is not POST or if the HTTP Referer check fails, XOOPS will not allow $xoopsDB->query() with anything but SELECT statements.

If you are in a secure environment, where you can trust the SQL query even though it is not submitted via POST and/or it is not with a valid HTTP Referer, you can use $xoopsDB->queryF() instead. This will go through regardless, but should only be used in these circumstances.

Ok, thank you very much for your reply!
That was a really good piece of information.
Now I don't have to wonder about that anymore.
My thumb is up for security constraints!